220 likes | 374 Views
EPC RFID Tag Security Weaknesses and Defenses: Passport Cards, Enhanced Drivers Licenses, and Beyond. Made Harta Dwijaksara Park, Yi Jae. Contents. Introduction Experimental Evaluation of Passport Card and EDLs Defensive Directions: Backward Compatible Cloning Defense Co-opting KILL
E N D
EPC RFID Tag Security Weaknesses and Defenses:Passport Cards, Enhanced Drivers Licenses, and Beyond Made HartaDwijaksara Park, Yi Jae
Contents • Introduction • Experimental Evaluation of Passport Card and EDLs • Defensive Directions: Backward Compatible Cloning Defense • Co-opting KILL • Co-opting ACCESS • Advantage and Limitation • Experiments with and Extensions to KILL-Based Authentication • Conclusion
Introduction • Explore the systemic risks and challenges created by the increasingly common use of EPC for security applications • Implications of vulnerabilities to overall system security • Suggestions for improvement • Anti-cloning techniques for off-the-shelf EPC tags
IntroductionEPC (Electronic Product Code) Tag • Industry-standard RFID devices • Supplant optical barcodes • Identify each item manufactured • Low cost and Relatively Long read range • Class-1 Gen-2 tag • EPC: Creation of Auto-ID Labs, currently managed by EPCglobal
IntroductionPassport Card & EDL • EPC tags are now seeing a landmark deployment in the U.S. in identity documents used at national border crossings • Passport Card, EDL
IntroductionPassport Card & EDL • Passport Card • Alternative to an ordinary U.S. passport booklet for land and sea travel within North America • Cannot be used for international air travel • Incorporate an EPC tag • EDL(Enhanced Driver’s Licenses) • Regular driver’s license + Passport card • Authors use Washington State EDLs (WA EDLs)
IntroductionVulnerabilityAnalysis • Cloning • The publicly readable data can be straight-forwardly cloned after a single read • Tag Identifier (TID): tag-specific serial number • Readability • Other attacks • EDLs are vulnerable to denial-of-service and covert-channel attacks
Experimental Evaluation of Passport Card and EDLs • Weakness in the TID-based anti-cloning mechanism • Other memory banks • Kill-PIN selection • Read-range experiments
Experimental Evaluation of Passport Card and EDLsWeakness in the TID-based anti-cloning mechanism • The U.S. Department of Homeland Security think that TID can be used to remove the risk of cloning • However, Gen-2 standard only requires TID identify the manufacturer and information about the tag’s capabilities • Authorshave cloned a Passport Card and a WA EDL • Also, tag-specific TID does not prevent the emulation of an EPC tag (logical copying)
Experimental Evaluation of Passport Card and EDLs • Other memory banks • The entire EPC memory bank which contains the card’s unique EPC value is readable • Kill-PIN selection • Kill-PIN is unprogrammed and not locked on WA EDLs • Can directly write 32-bit Kill-pin • Can kill a cloned EDL
Experimental Evaluation of Passport Card and EDLsRead-range experiments • Read ranges: a major determinant of the vulnerability of an EDL or Passport Card to clandestine cloning attacks and attacks against privacy • Single scan of a tag is sufficient to create a clone • Radio-opaque shielding sleeve • uncertain that EDL and Passport Card bearers will consistently use their protective sleeves
Experimental Evaluation of Passport Card and EDLsRead-range experiments
Defensive Directions: Backward Compatible Cloning Defense • Class-1 Gen-2 has no explicit anti-cloning feature • Co-opting of two Gen-2 access control commands for authentication tag are proposed • Co-opting KILL for tag authentication • Co-opting ACCESS for tag authentication
Co-opting KILL (1/3) • The KILL command is an EPC feature designed to protect consumer privacy by allowing tag to be disable at the point of sale in retail environments When the kill command received along with a tag-specific 32-bit KILL PIN Pkill, tag becomes permanently inoperative. This operation is a power intensive operation Image source: Ari Juels, “RFID Security and Privacy: A Research Survey”. Journal of Selected Areas in Communication (J-SAC), 24(2):381-395, February 2006.
Co-opting KILL (2/3) • A reader with knowledge of Pkillcan authenticate a tag by constructing an invalid PIN P’killand transmitting the pair (Pkill,P’kill) in random order • A valid tag will acknowledge the correct PIN and reject the incorrect PIN, an invalid one can respond correctly with the probability at most ½ (KBA – Kill Based Authentication)
Co-opting KILL (3/3) • The challenge of KBA is the reliable transmission of command in the low-power regime of a target • Too much power and the tag will be killed (permanently inoperative) • Too little power, and the tag will not respond
Co-opting ACCESS (1/2) • EPC tags can carry secret data D with read-access control • Such data are readable only through use of the ACCESS command, with an accompanying tag-specific 32-bit PIN Paccess • The Passport Card which analyzed here has bothPkilland Paccess set and locked • But Washington State EDL could have its Pkill set and locked over the air (its Paccess is already set and locked)
Co-opting ACCESS (2/2) • An entity with knowledge of Paccess for tag as well as D can authenticate the tag by checking D • An entity without knowledge of Paccess cannot extract D without physically attacking the tag • Known as ACCESS-based authentication (ABA) Challenge and Response Mechanism using ABA
Advantage and Limitation • KBA is of interest for two reason • ACCESS is optional command in EPC standard • It is possible to deploy ABA and KBA independently • KBA if not carefully implemented may actually killthe card as side-effect • Neither technique is resistant to eavesdropping, cause they are ad hoc tools meant to allow authentication in the absence of cryptography or other supporting features • The most compelling feature of KBA and ABA is their backward compatibility
Experiments with and Extensions to KILL-Based Authentication • Simple KILL-based authentication Reader ramps up the power until it receives response from a tag 15dBm to 30dBm in 0.25bB increments When reader successfully receives a replay from the target tag, the power level is fixed The reader then send N KILL commands, With N-1 bogus PINs, and 1 real PIN
Experiments with and Extensions to KILL-Based Authentication • Scaled KILL-based authentication • Determine the minimum reader power level PW RR to read target • Determine the minimum reader • power level PW RW to write target • Verify PW RW - PW RR ≥ µ (minimum power-margin parameter) • Scale the reader’s power level • PW RW + δ(PW RW - PW RR), δЄ [0,1] • Ensure the power level selected doesn’t allow a tag to write itself
Conclusion • Class-1 Gen-2 tag can be cloned, need multiple security layer for supporting anti-counterfeiting not just using TID (authentication) • In case of Passport Cards and Enhanced Driver license implication in the operational setting of border control are themselves some what more complicated • Employing RFID technology in security sensitive environment needs government regulation to ensure the security